Is there no 3rd option?

It could be cryptographically secure but not scale, for example? Or a problem with the implementation?

The cost of attacking/spamming an IOTA network is virtually $zero, and even f you cant change the past you could perhaps delay the future, indefinitely? Or am I mistaken?